Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 24.10 and 24.04 LTS USN-7503-1: python-h11 info leak issue

ubuntu
Calendar Grey May 8, 2025
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-7504-1 highlights critical vulnerabilities in python-requests, providing detailed descriptions and guidance on applying essential updates for system integrity
python-h11 could be made to expose sensitive information over the network.

Summary

python-h11 could be made to expose sensitive information over the

network.

Software Description:

- python-h11: Pure-Python, bring-your-own-I/O implementation of HTTP/1.1

Details:

Jeppe Bonde Weikop discovered that h11 incorrectly handled crafted HTTP

requests. A remote attacker could possibly use this issue to smuggle

malicious HTTP requests, which could potentially lead to security

control bypass and information leakage.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
  python3-h11                     0.14.0-1ubuntu0.24.10.1

Ubuntu 24.04 LTS
  python3-h11                     0.14.0-1ubuntu0.24.04.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7503-1

CVE-2025-43859

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7503-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here